Postfix
------
# dnf -y install mailx mutt postfix* nmap
cp /etc/postfix/main.cf /etc/postfix/main.cf.ORG
cp /etc/postfix/master.cf /etc/postfix/master.cf.ORG
# vi /etc/postfix/main.cf
135 # inet_interfaces = localhost
138 # inet_protocols = all
183 # mydestination = $myhostname, localhost.$mydomain, localhost
709 # smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem
715 # smtpd_tls_key_file = /etc/pki/tls/private/postfix.key
myhostname = mail.worldcm.tk
mydomain = worldcm.tk
myorigin = $mydomain
inet_interfaces = all
inet_protocols = ipv4
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks = 127.0.0.0/8, 10.0.0.0/24
home_mailbox = Maildir/
smtpd_banner = $myhostname ESMTP
message_size_limit = 10485760 # email size for 10M
mailbox_size_limit = 1073741824 # mailbox for 1G
### SMTP-Auth setting
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
### SSL
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/pki/tls/certs/server.crt
smtpd_tls_key_file = /etc/pki/tls/certs/server.key
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
### SSL
smtpd_use_tls = yes
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_cert_file = /etc/letsencrypt/live/mail.worldcm.tk/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/mail.worldcm.tk/privkey.pem
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_recipient_restrictions =
permit_mynetworks,
permit_auth_destination,
permit_sasl_authenticated,
reject
[root@mail ~]# systemctl enable --now postfix
[root@mail ~]# vi /etc/postfix/master.cf
16 #tlsproxy unix - - n - 0 tlsproxy
17 submission inet n - n - - smtpd
18 -o syslog_name=postfix/submission
19 # -o smtpd_tls_security_level=encrypt
20 -o smtpd_sasl_auth_enable=yes
21 # -o smtpd_tls_auth_only=yes
22 # -o smtpd_reject_unlisted_recipient=no
23 # -o smtpd_client_restrictions=$mua_client_restrictions
24 # -o smtpd_helo_restrictions=$mua_helo_restrictions
25 # -o smtpd_sender_restrictions=$mua_sender_restrictions
26 # -o smtpd_recipient_restrictions=
27 # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
28 # -o milter_macro_daemon_name=ORIGINATING
29 smtps inet n - n - - smtpd
30 -o syslog_name=postfix/smtps
31 -o smtpd_tls_wrappermode=yes
32 -o smtpd_sasl_auth_enable=yes
33 # -o smtpd_reject_unlisted_recipient=no
34 # -o smtpd_client_restrictions=$mua_client_restrictions
35 # -o smtpd_helo_restrictions=$mua_helo_restrictions
36 # -o smtpd_sender_restrictions=$mua_sender_restrictions
37 # -o smtpd_recipient_restrictions=
38 # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
39 # -o milter_macro_daemon_name=ORIGINATING
40 #628 inet n - n - - qmqpd
[root@mail ~]# vi /etc/dovecot/conf.d/10-ssl.conf
# line 8: change (if set SSL required, specify [required])
ssl = yes
# line 14,15: specify certificates
ssl_cert = </etc/letsencrypt/live/mail.worldcm.net/fullchain.pem
ssl_key = </etc/letsencrypt/live/mail.worldcm.net/privkey.pem
[root@mail ~]# systemctl restart postfix dovecot
----